Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/Jv3rSUwyoFKj_-Gz986YwvPBaFM.roa
File: Jv3rSUwyoFKj_-Gz986YwvPBaFM.roa (raw, json)
Hash identifier: 6U4sJQ5VadRvdcEbaCjDPXAYdE+ydK/NYVHISildXms=
Subject key identifier: 26:FD:EB:49:4C:32:A0:52:A3:FF:E1:B3:F7:CE:98:C2:F3:C1:68:53
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 019DAA6A846731BB9C48D71F3652A2159D9E
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/Jv3rSUwyoFKj_-Gz986YwvPBaFM.roa
Signing time: Mon 20 Apr 2026 10:23:20 +0000
ROA not before: Mon 20 Apr 2026 10:23:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 60631
IP address blocks: 5.159.49.0/24 maxlen: 24
109.122.246.0/24 maxlen: 24
185.239.0.0/24 maxlen: 24
185.239.3.0/24 maxlen: 24
188.212.96.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 08:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:aa:6a:84:67:31:bb:9c:48:d7:1f:36:52:a2:15:9d:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Apr 20 10:23:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=26fdeb494c32a052a3ffe1b3f7ce98c2f3c16853
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:75:4a:b4:d8:dd:2e:5a:80:e8:50:ff:b8:59:
10:c5:ba:d4:8b:7e:99:1b:64:6a:e9:27:b7:dc:d8:
e3:25:bc:e9:63:5b:18:b1:48:d8:ac:37:d1:86:ce:
45:84:f7:95:ad:07:58:48:ae:a6:01:7c:1d:31:09:
43:a2:fb:e6:ac:4c:1d:eb:3a:c5:1c:e9:86:08:b0:
b2:e1:be:f9:36:85:c3:8d:8d:e6:00:d2:31:12:c2:
d5:b6:d1:22:5f:ec:e7:0e:f1:b7:39:79:9c:48:88:
f0:ad:d2:28:80:7a:da:7e:56:2e:a3:20:a1:f3:b1:
e1:7f:aa:b7:ed:f1:24:ac:0f:7d:bd:c8:d3:8f:6e:
9f:55:2b:48:dc:16:2f:76:1a:71:d9:1d:73:20:74:
54:97:52:c2:09:0c:2c:70:d1:08:99:fe:e3:0a:9f:
1b:9f:07:2e:d3:3f:97:72:20:63:f0:43:8f:7f:e5:
86:56:c1:95:e4:1c:c6:c9:8e:85:27:0c:ba:71:bb:
4a:5c:29:1c:d8:51:2f:f7:0a:10:86:87:61:0d:cb:
eb:2c:75:61:6f:b9:12:90:11:f6:a6:65:0b:18:90:
8e:88:ab:cd:25:f6:f6:2b:81:c7:10:fd:de:b9:8c:
00:0d:cf:c8:81:a2:d1:67:ae:89:fd:1b:8f:2b:ac:
c6:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:FD:EB:49:4C:32:A0:52:A3:FF:E1:B3:F7:CE:98:C2:F3:C1:68:53
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/Jv3rSUwyoFKj_-Gz986YwvPBaFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.49.0/24
109.122.246.0/24
185.239.0.0/24
185.239.3.0/24
188.212.96.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:c6:32:12:81:5b:32:e5:e0:27:88:d8:4e:47:b0:d8:87:a0:
0c:ac:22:c7:5a:82:a1:d9:a4:0e:3e:47:3c:97:a4:c1:65:30:
d3:c6:04:27:8b:5a:26:a2:96:3f:41:77:5c:97:b8:f5:5f:9b:
e7:5c:83:53:de:31:d9:bb:e5:56:ba:45:c7:5c:91:38:57:da:
4d:45:e4:5c:02:2a:99:be:2c:78:ff:ac:7d:c1:d2:d7:51:6b:
23:6a:36:dd:ac:49:fa:4b:4d:2c:6d:1e:c2:f4:c2:79:26:43:
3d:c6:d4:d4:1c:6e:10:63:c2:5d:ec:c2:d3:01:55:06:f8:4c:
35:db:60:73:65:a6:e4:d4:e3:b9:41:f6:95:51:e9:a7:68:06:
67:92:97:c2:72:25:b7:ae:e8:05:33:c7:66:95:24:18:85:27:
02:71:22:19:9e:13:48:a4:8c:08:57:22:ca:ca:d6:34:8a:01:
49:8f:21:46:d1:35:4c:49:23:4b:eb:a5:cc:b9:0a:01:21:df:
20:a0:d6:5e:cc:90:85:f3:94:77:2e:82:30:71:59:20:51:e2:
4d:7e:80:fb:4a:22:96:cb:c4:58:34:ac:a0:44:3b:fb:a8:26:
bf:79:39:f6:cf:7b:1a:23:73:35:e5:91:81:20:d5:b5:e3:7e:
94:62:79:4e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ2qaoRnMbucSNcfNlKiFZ2eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjYwNDIwMTAyMzIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmZkZWI0OTRjMzJhMDUyYTNmZmUxYjNmN2NlOThjMmYzYzE2ODUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3VKtNjdLlqA6FD/uFkQxbrUi36Z
G2Rq6Se33NjjJbzpY1sYsUjYrDfRhs5FhPeVrQdYSK6mAXwdMQlDovvmrEwd6zrF
HOmGCLCy4b75NoXDjY3mANIxEsLVttEiX+znDvG3OXmcSIjwrdIogHraflYuoyCh
87Hhf6q37fEkrA99vcjTj26fVStI3BYvdhpx2R1zIHRUl1LCCQwscNEImf7jCp8b
nwcu0z+XciBj8EOPf+WGVsGV5BzGyY6FJwy6cbtKXCkc2FEv9woQhodhDcvrLHVh
b7kSkBH2pmULGJCOiKvNJfb2K4HHEP3euYwADc/IgaLRZ66J/RuPK6zG8QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCb960lMMqBSo//hs/fOmMLzwWhTMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvSnYzclNVd3lvRktqXy1Hejk4Nll3dlBCYUZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABZ8xAwQA
bXr2AwQAue8AAwQAue8DAwQAvNRgMA0GCSqGSIb3DQEBCwUAA4IBAQBaxjISgVsy
5eAniNhOR7DYh6AMrCLHWoKh2aQOPkc8l6TBZTDTxgQni1omopY/QXdcl7j1X5vn
XINT3jHZu+VWukXHXJE4V9pNReRcAiqZvix4/6x9wdLXUWsjajbdrEn6S00sbR7C
9MJ5JkM9xtTUHG4QY8Jd7MLTAVUG+Ew122BzZabk1OO5QfaVUemnaAZnkpfCciW3
rugFM8dmlSQYhScCcSIZnhNIpIwIVyLKytY0igFJjyFG0TVMSSNL66XMuQoBId8g
oNZezJCF85R3LoIwcVkgUeJNfoD7SiKWy8RYNKygRDv7qCa/eTn2z3saI3M15ZGB
INW1436UYnlO
-----END CERTIFICATE-----
Generated at Mon Apr 27 14:44:32 2026 by rpki-client